Bump angular-mocks from 1.5.9 to 1.8.2 #158

dependabot-preview · 2020-10-23T04:40:31Z

Bumps angular-mocks from 1.5.9 to 1.8.2.

Changelog

Sourced from angular-mocks's changelog.

1.8.2 meteoric-mining (2020-10-21)

Bug Fixes

$sceDelegate: ensure that resourceUrlWhitelist() is identical trustedResourceUrlList() (e41f01, #17090)

$sanitize: do not trigger CSP alert/report in Firefox and Chrome (2fab3d)

1.8.1 mutually-supporting (2020-09-30)

Bug Fixes

$sanitize: do not trigger CSP alert/report in Firefox and Chrome (2fab3d)

Refactorings

SanitizeUriProvider: remove usages of whitelist (76738102)

httpProvider: remove usages of whitelist and blacklist (c953af6b)

sceDelegateProvider: remove usages of whitelist and blacklist (a206e267)

Deprecation Notices

Deprecated ~~$compileProvider.aHrefSanitizationWhitelist~~. It is now aHrefSanitizationTrustedUrlList`.

Deprecated ~~$compileProvider.imgSrcSanitizationWhitelist~~. It is now imgSrcSanitizationTrustedUrlList.

Deprecated ~~$httpProvider.xsrfWhitelistedOrigins~~. It is now xsrfTrustedOrigins.

Deprecated ~~$sceDelegateProvider.resourceUrlWhitelist~~. It is now trustedResourceUrlList.

Deprecated ~~$sceDelegateProvider.resourceUrlBlacklist~~. It is now bannedResourceUrlList.

For the purposes of backward compatibility, the previous symbols are aliased to their new symbol.

1.8.0 nested-vaccination (2020-06-01)

This release contains a breaking change to resolve a security issue which was discovered by Krzysztof Kotowicz(@koto); and independently by Esben Sparre Andreasen (@esbena) while performing a Variant Analysis of CVE-2020-11022 which itself was found and reported by Masato Kinugawa (@masatokinugawa).

Commits

823939c docs(changelog): add release notes for 1.8.2
d9f820a fix($sceDelegate): make resourceUrlWhitelist() is identical `trustedResourc...
5e85ef3 docs(*): fix docs on recently deprecated properties/methods
1c64a35 docs(version-support-status): add link to extended long term support
aac55c0 docs(changelog): add release notes for 1.8.1
83e5177 chore(CircleCI): fix deploy-docs job
aa7e177 chore(deps): bump node-fetch from 2.6.0 to 2.6.1
a4f3934 chore(deps): bump node-fetch
a2739b6 chore(deps): bump node-fetch
8140862 chore(deps): bump http-proxy from 1.16.2 to 1.18.1
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by petebacondarwin, a new releaser for angular-mocks since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
@dependabot use these labels will set the current labels as the default for future PRs for this repo and language
@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
@dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

Update frequency (including time of day and day of week)
Pull request limits (per update run and/or open at any time)
Out-of-range updates (receive only lockfile updates, if desired)
Security updates (receive only security updates, if desired)

Bumps [angular-mocks](https://github.com/angular/angular.js) from 1.5.9 to 1.8.2. - [Release notes](https://github.com/angular/angular.js/releases) - [Changelog](https://github.com/angular/angular.js/blob/master/CHANGELOG.md) - [Commits](angular/angular.js@v1.5.9...v1.8.2) Signed-off-by: dependabot-preview[bot] <[email protected]>

dependabot-preview bot added the dependencies Pull requests that update a dependency file label Oct 23, 2020

dependabot-preview bot mentioned this pull request Oct 23, 2020

Bump angular-mocks from 1.5.9 to 1.8.1 #155

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump angular-mocks from 1.5.9 to 1.8.2 #158

Bump angular-mocks from 1.5.9 to 1.8.2 #158

dependabot-preview bot commented Oct 23, 2020

Bump angular-mocks from 1.5.9 to 1.8.2 #158

Are you sure you want to change the base?

Bump angular-mocks from 1.5.9 to 1.8.2 #158

Conversation

dependabot-preview bot commented Oct 23, 2020

1.8.2 meteoric-mining (2020-10-21)

Bug Fixes

1.8.1 mutually-supporting (2020-09-30)

Bug Fixes

Refactorings

Deprecation Notices

1.8.0 nested-vaccination (2020-06-01)